Cloud is a delivery model of computing services over remote network. This model is enabled by virtualization technology and features a pay-as-you-go pricing plan for computing services. Along with the flexible billing option, is the elasticity of managing services in the cloud platform.
When designing a cloud architecture, we mainly look at:
Cloud landing zone
A successful cloud platform enables application teams to focus on business requirement. The backbone of a cloud platform is a landing zone, which typically addresses security, networking and compliance requirement of the organization’s IT footprint in the cloud. Both AWS and Azure have guidelines of multiple options to deploy landing zones.
Enterprise applications often have specific requirements on IOPS and throughput. Selecting a storage service in a cloud platform, must also consider the high availability, disaster recovery and cost efficiency.
Networking design has profound impact on the security posture and must be well thought out. It sets the foundation of high availability and fault tolerance. Also, how traffic flows in and out the system significantly affect the cost.
Infrastructure as code
There have been three categories of infrastructure as code, those based on markup language (ARM, CloudFormation), those based on general-purpose programming language (Pulumi, AWS CDK), and those based on Domain Specific Language (Terraform, Bicep). They have different levels of flexibility and different skill requirement.
More on cloud platform
- The Systems Manager Hodgepodge - Introduction to Systems Manager AWS Systems Manager addresses a lot of SysOps requirements for configuration management, including server automation. In this domain, there is another AWS service called OpsWorks. However, with OpsWorks Stack, OpsWorks Chef and OpsWorks Puppet all coming EOL in 2024, the entire OpsWorks service is mostly deprecated.… ... Read moreThe Systems Manager Hodgepodge
- Orchestrate Landing Zone with Landing Zone Accelerator on AWS - As a continuation to the last post, we explore the Landing Zone Accelerator on AWS (LZA) as an orchestration tool in this post. LZA borrows a lot from the ASEA, an accelerator project to deploy the security reference architecture (SRA). LZA is a multi-purpose project that consists of both the… ... Read moreOrchestrate Landing Zone with Landing Zone Accelerator on AWS
- Landing Zone in Azure – Introduction - I recently renewed my associate administrator certification, and feel it's a good opportunity to brush up on Azure landing zone. The lame part of this is the semantics. I found many similar terms across cloud service provider (CSPs). In the context of Azure, it makes sense to clarify the terms… ... Read moreLanding Zone in Azure – Introduction
- Computing services: from PaaS to Serverless - Silicon Valley startups in mid-2000s likely do not run their own IT operations (i.e. renting their own data centre spaces, purchasing their own rack-mounted servers). Since the launch of EC2, AWS has been renting extra computing capacity to those startups, in the IaaS model. The leased infrastructure requires maintenance work,… ... Read moreComputing services: from PaaS to Serverless
- MinIO for S3-compatible Object Storage - I reviewed some storage technologies on Kubernetes but they are all for block and file storage. In this post, I will discuss the current available options for container workload to use object storage. I will also touch on MinIO as an object storage solution. Object storage Block and file system… ... Read moreMinIO for S3-compatible Object Storage
Contact Digi Hunch for Professional Services.